Initialize.exe

File Path: C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Description: Glary Utilities Initialize

Hashes

Type	Hash
MD5	`7511532801542AAE6C31871614B53872`
SHA1	`EFE3C143B1F84CD08B9AFB5717EB13FD40CA21BC`
SHA256	`35F7BB3D73096D7F2B7ED9FDF23D458521F5B188CACDC00C10615205D912B8D4`
SHA384	`2BBA9F3BFE83538E9B9902D187E0A021599DACCF0132F0F236C1E57BBE837115D448CD226E85ADB710696E70AFD67266`
SHA512	`FFBAD6B6AB914E1D04E4332F1D5BE430EB25DDDA322513718DEB526571DAE1F8F9D979CA6693D39365950342CF3F1B8B0E288F31577230389AB5FD1C4A34DE13`
SSDEEP	`3072:F1kmHv3g0DQ/sHKyMUyjknO0rpKXnVgwqU2Vg:Hv3g0sUHcUfO0l2qUJ`
IMP	`209CD9667F1D1DD807EEF7FF39F3D2B4`
PESHA1	`E06863B426D448403AF9D3FA973ADD8C916360AF`
PE256	`9B5DCE9DB7BA45A154D9B108A4A6E80FB6D2215E83E486A97D110BADFC7A31E6`

Runtime Data

Open Handles:

Path	Type
(RW-) C:\Program Files (x86)\Glary Utilities 5	File
(RW-) C:\Windows	File
(RW-) C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9625_none_508ef7e4bcbbe589	File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627	File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_429cdbca8a8ffa94	File
(RW-) C:\xCyclopedia	File
\BaseNamedObjects__ComCatalogCache__	Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0	Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0	Section
\Sessions\1\BaseNamedObjects\windows_shell_global_counters	Section
\Sessions\1\Windows\Theme2547664911	Section
\Windows\Theme3854699184	Section

Loaded Modules:

Path
C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll

Signature

Status: Signature verified.
Serial: 0F05AE21CDC17B9F3CF09D7BFC659BA3
Thumbprint: 362EBB303E088105BDCC07D94E6B7875D30C0D06
Issuer: CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US
Subject: CN=Glarysoft LTD, O=Glarysoft LTD, S=Beijing, C=CN

File Metadata

Original Filename: Initialize.exe
Product Name: Glary Utilities
Company Name: Glarysoft Ltd
File Version: 5, 0, 0, 48
Product Version: 5.0.0.1
Language: Chinese (Simplified, China)
Legal Copyright: Copyright (c) 2003-2020 Glarysoft Ltd
Machine Type: 32-bit

File Scan

VirusTotal Detections: 0/66
VirusTotal Link: https://www.virustotal.com/gui/file/35f7bb3d73096d7f2b7ed9fdf23d458521f5b188cacdc00c10615205d912b8d4/detection/

File Similarity (ssdeep match)

File	Score
C:\Program Files (x86)\Glary Utilities 5\Initialize.exe	93
C:\program files (x86)\Glary Utilities 5\Initialize.exe	93

Possible Misuse

The following table contains possible examples of Initialize.exe being misused. While Initialize.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source	Source File	Example	License
signature-base	gen_fireeye_redteam_tools.yar	$1 = “initialize” fullword	CC BY-NC 4.0
signature-base	gen_fireeye_redteam_tools.yar	$s7 = “initialize” ascii wide	CC BY-NC 4.0
signature-base	gen_fireeye_redteam_tools.yar	$6 = “initialize” fullword	CC BY-NC 4.0
signature-base	gen_fireeye_redteam_tools.yar	$s5 = “initialize” fullword	CC BY-NC 4.0
signature-base	thor-webshells.yar	$s2 = “PySystemState.initialize(System.getProperties(), null, argv);” fullword	CC BY-NC 4.0
signature-base	threat_lenovo_superfish.yar	$s2 = “Invalid key length used to initialize BlowFish.” fullword ascii	CC BY-NC 4.0

MIT License. Copyright (c) 2020-2021 Strontic.